Version History (ChangeLog)
- Switched the license of SoftEther VPN from GPLv2 to Apache License 2.0. Text messages on source codes and UIs have been modified.
- Supports 4-digit expiration date on X.509 certificates.
- Replaced SHA-0 implementation.
- Improved integrity and security of C source codes. Fixed several buffer overflows and integer overflows. Enforced NULL pointer checks. Fixed problems on the size of malloc() and Zero Memory functions. These problems include a vulnerability that a malformed packet will cause the buffer overflow at the receive path. This vulnerability may occur abnormal process exit with the buffer security check mechanism built-in with SoftEther VPN binary. Although this buffer overflow can theoretically bypass the security check in theory, in the actual binary it is detected by the buffer security check inserted by the C compiler and the process is forcibly terminated. Therefore, as a result, it can be abused by a DoS attacker. Acknowledgments: The last problems is discovered and reported by Fabrizio Steiner.
- Modified the behavior at the executing of the ethtool command to call just the command name instead of the full path. Fixed a single code on the SecureNAT function that SYN and ACK were reverse.
- Fixed the bug on the creating of SingleInstance objects that the temporary file will remain as a garbage after the file lock will fail on UNIX operating systems.
- Fixed the problem that the full path of the home directory will be sometimes obtained as wrong value on UNIX operating systems.
- Fixed the problem that processing the system datetime values which are before 1970-01-01.
标签:
VPN